10 matches found
EUVD-2018-6869
Malware in sbrugna...
EUVD-2018-6870
Malware in sbrugna...
Design/Logic Flaw
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that dynamically registers a broadcast receiver app component named...
CVE-2018-14988
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that contains an exported broadcast receiver application component that, wh...
CVE-2018-14987
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that dynamically registers a broadcast receiver app component named...
CVE-2018-14988
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that contains an exported broadcast receiver application component that, wh...
CVE-2018-14987
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that dynamically registers a broadcast receiver app component named...
CVE-2018-14988
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that contains an exported broadcast receiver application component that, wh...
CVE-2018-14987
The CVE-2018-14987 entry concerns the MXQ TV Box (Android 4.4.2) where the Android framework dynamically registers a broadcast receiver component, com.android.server.MasterClearReceiver, instead of static registration in the core Android manifest. This dynamic registration is not protected by the...
CVE-2018-14988
The CVE-2018-14988 entry describes an issue in MXQ TV Box 4.4.2 where an exported Android framework broadcast receiver component (com.android.server.SystemRestoreReceiver) is accessible without permissions and can write to /cache/recovery/command to trigger boot into recovery mode. This can forma...